EVE AI Core
HIPAA enforcement at the clinical AI decision layer. CoreGuard blocks PHI leakage, hallucination in clinical outputs, and unauthorized data access before they reach your patients or clinical staff — with a signed audit certificate for every decision.
HIPAA does not have AI-specific regulations — but every existing HIPAA obligation applies to AI systems that access, generate, or transmit protected health information. Most AI deployments are not architected to meet these obligations at the decision layer.
HIPAA's Privacy Rule requires that PHI disclosures be limited to the minimum necessary to accomplish the intended purpose. AI systems that ingest broad patient record context to answer a narrow clinical question routinely violate this principle. CoreGuard enforces minimum-necessary scoping at the request level — blocking AI calls that present more PHI context than the task requires.
The Security Rule requires access controls, audit controls, and activity logs for ePHI. AI systems create a new surface: the model itself may memorize or inadvertently reproduce PHI from training data, and prompt injection attacks can cause models to exfiltrate PHI in their outputs. CoreGuard detects PHI in AI outputs before they are delivered and enforces role-based access at the clinical AI request layer.
When a potential PHI breach occurs, covered entities need documentation of what information was involved and when. AI systems without decision-level audit trails make this nearly impossible. CoreGuard's hash-chained certificate record gives your privacy officer a complete audit trail for any AI interaction, including any PHI detection events that were flagged and blocked.
LLM API providers are typically business associates when used in clinical AI workflows. The BAA requires that business associates implement appropriate safeguards and report breaches. CoreGuard sits in the call path and enforces HIPAA safeguards regardless of the underlying LLM provider's own compliance posture — creating a governed layer above the model that your privacy officer can audit independently.
The FDA's framework for AI/ML-based Software as a Medical Device requires ongoing performance monitoring and change management documentation. CoreGuard's decision certificate stream serves as the runtime performance monitoring record that SaMD submissions require, documenting every decision the clinical AI made and whether it was governed by the policy version in the regulatory filing.
CMS's 2024 interoperability and prior authorization rule requires payers to use APIs for prior authorization and to provide specific denial reasons within defined timelines. AI systems automating prior authorization decisions must be auditable. CoreGuard enforces denial reason specificity, non-discrimination requirements, and decision timing compliance in automated prior authorization workflows.
Clinical AI deployments fail in predictable ways. CoreGuard is built to intercept all three failure categories before they affect patients, clinicians, or your organization's compliance posture.
Large language models confidently generate plausible-sounding but medically incorrect information. A clinical decision support tool that hallucinates a contraindicated drug interaction, a prior authorization AI that invents a clinical guideline citation, or a patient communication chatbot that describes a medication effect incorrectly all create immediate patient safety and liability exposure.
CoreGuard response: The clinical policy pack evaluates outputs against structured clinical safety rules — drug dosage plausibility, anatomical consistency, citation existence, and certainty calibration. Outputs that fail clinical safety rules are blocked and replaced with a safe fallback; the intervention is logged with the specific rule that triggered.
Clinical AI systems trained on historically biased datasets reproduce those biases in care recommendations. Prior authorization AI that disproportionately denies coverage for minority populations, clinical decision support that underestimates pain in certain demographic groups, and risk stratification tools with disparate accuracy across races are now documented failure patterns in deployed systems.
CoreGuard response: The healthcare policy pack includes demographic disparity monitoring in near real-time. Approval rate and recommendation rate differences across demographic cohorts are tracked in the certificate stream and trigger compliance alerts when they exceed configurable thresholds. Protected characteristics cannot be used as direct decision inputs; proxy detection identifies indirect paths.
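The two controls just described, rejecting protected characteristics as direct decision inputs and alerting when approval rates diverge across cohorts, as an added example in Python. This is not EVE Core's code: the protected-field list, the 10-point threshold, the minimum cohort size and the decision records are constructed assumptions, and proxy detection is deliberately left out because no reliable general rule for it fits in a few lines.

```python
"""Demographic disparity monitoring and direct protected-input rejection.

Added example, not EVE Core's code. The protected-field list, the alert threshold,
the minimum cohort size and the decision records are constructed assumptions.
"""
from collections import defaultdict
from typing import Any, Optional

# Assumed: fields that may never appear as direct decision inputs.
PROTECTED_FIELDS = {"race", "ethnicity", "sex", "national_origin", "religion", "disability_status"}
# Assumed: alert when approval rates of any two cohorts differ by more than 10 percentage points.
DISPARITY_THRESHOLD = 0.10
# Assumed: skip cohorts with too few decisions, where rate differences are mostly noise.
MIN_COHORT_SIZE = 20


def protected_inputs_present(decision_inputs: dict[str, Any]) -> list[str]:
    """Return the protected fields found among the model's direct inputs; non-empty means block."""
    return sorted(PROTECTED_FIELDS & set(decision_inputs))


def cohort_approval_rates(records: list[dict[str, Any]], min_n: int = MIN_COHORT_SIZE) -> dict[str, float]:
    """Approval rate per cohort. The cohort label is monitoring metadata kept
    alongside the decision record, never one of the decision inputs."""
    approved: dict[str, int] = defaultdict(int)
    total: dict[str, int] = defaultdict(int)
    for r in records:
        total[r["cohort"]] += 1
        if r["decision"] == "APPROVED":
            approved[r["cohort"]] += 1
    return {c: approved[c] / n for c, n in total.items() if n >= min_n}


def disparity_alert(records: list[dict[str, Any]],
                    threshold: float = DISPARITY_THRESHOLD) -> Optional[dict[str, Any]]:
    """Return an alert record when the widest cohort gap exceeds the threshold, else None."""
    rates = cohort_approval_rates(records)
    if len(rates) < 2:
        return None  # nothing to compare
    high = max(rates, key=rates.get)
    low = min(rates, key=rates.get)
    gap = rates[high] - rates[low]
    if gap <= threshold:
        return None
    return {"alert": "demographic_disparity", "highest": high, "lowest": low,
            "gap": gap, "rates": rates}


def build_demo_records() -> list[dict[str, Any]]:
    """Constructed prior-authorization decisions: cohort A approved 30 of 40, cohort B 22 of 40."""
    records = []
    for cohort, approved_n in (("A", 30), ("B", 22)):
        for i in range(40):
            records.append({"cohort": cohort,
                            "decision": "APPROVED" if i < approved_n else "DENIED"})
    return records


if __name__ == "__main__":
    print(protected_inputs_present({"requested_service": "cardiac_mri", "race": "x", "age": 61}))
    print(disparity_alert(build_demo_records()))
```

The minimum cohort size matters in practice: a threshold applied to cohorts of five decisions fires constantly and trains the privacy officer to ignore the alert.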
Clinical AI systems create two categories of PHI risk that traditional security controls do not address. First, prompt injection attacks can cause a model to reproduce PHI from its context window in unexpected outputs. Second, models can be queried by users without appropriate role-based access, exposing patient information to staff or systems that lack HIPAA authorization for that information.
CoreGuard response: PHI detection runs on all AI outputs before delivery. Role-based access policies at the CoreGuard policy layer enforce minimum-necessary PHI scoping based on the requester's role and the clinical context of the request. Any detected PHI in an output that exceeds the authorized disclosure scope is redacted; the detection event is logged in the certificate.
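Output-side PHI detection with role-scoped redaction, as an added example that is not EVE Core's code. The identifier patterns, the role-to-scope table, the default-deny rule for unknown roles and the sample model output are constructed assumptions; the PASS/MODIFIED status values follow the certificate vocabulary shown on this page.

```python
"""PHI detection on AI output with role-scoped minimum-necessary redaction.

Added example, not EVE Core's code. The identifier patterns, the role-to-scope
table, the default-deny rule for unknown roles and the sample output are all
constructed assumptions for illustration.
"""
import re
from typing import Any

# Constructed detectors for a few identifier shapes. A production detector must cover
# the full list of HIPAA identifiers, including names and free-text dates, which
# regular expressions alone do not catch reliably.
PHI_PATTERNS: dict[str, "re.Pattern[str]"] = {
    "mrn": re.compile(r"\bMRN[:#]?\s*\d{6,10}\b", re.IGNORECASE),
    "dob": re.compile(r"\bDOB[:#]?\s*\d{4}-\d{2}-\d{2}\b", re.IGNORECASE),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "phone": re.compile(r"\b\d{3}-\d{3}-\d{4}\b"),
}

# Assumed scope table: identifier classes each requester role may see in an output.
# Roles absent from the table get an empty scope, so everything is redacted (default deny).
ROLE_SCOPE: dict[str, set[str]] = {
    "attending_physician": {"mrn", "dob", "phone"},
    "scheduling_clerk": {"mrn", "phone"},
    "care_navigation_bot": set(),
}


def govern_output(text: str, requester_role: str) -> dict[str, Any]:
    """Redact every detected identifier class outside the role's scope and log each event.

    Status is PASS when nothing was changed and MODIFIED when at least one
    redaction was applied; the event list is what goes into the audit record.
    """
    allowed = ROLE_SCOPE.get(requester_role, set())
    events: list[dict[str, Any]] = []
    output = text
    for category, pattern in PHI_PATTERNS.items():
        hits = pattern.findall(output)
        if not hits:
            continue
        if category in allowed:
            events.append({"category": category, "count": len(hits), "action": "ALLOWED"})
        else:
            output = pattern.sub(f"[REDACTED:{category.upper()}]", output)
            events.append({"category": category, "count": len(hits), "action": "REDACTED"})
    status = "MODIFIED" if any(e["action"] == "REDACTED" for e in events) else "PASS"
    return {"status": status, "requester_role": requester_role,
            "output": output, "phi_events": events}


# Constructed model output; every identifier in it is fake.
SAMPLE_OUTPUT = (
    "Patient MRN 00123456 (DOB: 1961-03-14) reports exertional chest pain. "
    "Callback number 555-201-3344. SSN on file 000-00-0000."
)

if __name__ == "__main__":
    for role in ("attending_physician", "care_navigation_bot", "unknown_role"):
        result = govern_output(SAMPLE_OUTPUT, role)
        print(role, result["status"], result["output"])
```

Treating an unrecognised role as an empty scope is the important design choice: a misconfigured integration then leaks nothing rather than everything, and the MODIFIED status on every such response makes the misconfiguration visible in the audit stream.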
CoreGuard's healthcare policy pack is designed around the specific workflows where clinical AI creates the most compliance exposure.
Prior authorization AI must comply with CMS timelines, provide specific denial reasons, apply current clinical guidelines consistently, and not discriminate on the basis of protected characteristics. CoreGuard enforces each of these requirements as a policy rule, producing a certificate for every PA decision that documents rule compliance.
Clinical decision support tools embedded in EHR workflows advise clinicians on diagnosis, treatment selection, and drug therapy. CoreGuard evaluates CDS outputs for clinical safety — drug interaction accuracy, dosage plausibility, contraindication checking — and enforces appropriate uncertainty disclosure.
Patient-facing AI — chatbots, automated care navigation, discharge instructions, medication guidance — creates direct HIPAA and clinical safety exposure. CoreGuard evaluates patient communications for PHI minimization, accurate medication information, appropriate scope of practice, and crisis response routing.
Every clinical AI decision evaluated through CoreGuard produces a signed audit record. This record satisfies HIPAA audit control requirements, provides FDA SaMD runtime monitoring documentation, and gives your privacy officer a complete chain of custody for any AI interaction involving PHI.
{
  "certificate_id": "cert_c2f8e1a7-4d3b-49a0-b8f2-6e9a1c0d4b7e",
  "issued_at": "2026-05-05T09:14:22.317Z",
  "policy_set": "clinical_v1",
  "decision": {
    "status": "MODIFIED",
    "risk_level": "MEDIUM",
    "action_type": "clinical_decision_support",
    "intervention_applied": true,
    "intervention_type": "certainty_calibration"
  },
  "policy_evaluation": {
    "rules_evaluated": 19,
    "rules_triggered": 1,
    "violations": [
      {
        "rule_id": "clinical.certainty.no_absolute_diagnosis",
        "severity": "medium",
        "description": "Absolute diagnostic statement without differential",
        "action_taken": "MODIFIED — uncertainty qualifier added"
      }
    ],
    "phi_detection": "PASS — no unexpected PHI in output",
    "drug_safety_check": "PASS",
    "demographic_proxy_check": "PASS"
  },
  "context": {
    "requester_role": "attending_physician",
    "encounter_type": "inpatient",
    "clinical_domain": "cardiology",
    "phi_scope": "minimum_necessary_verified"
  },
  "hipaa": {
    "minimum_necessary_check": "PASS",
    "access_authorization": "VERIFIED",
    "audit_control_logged": true
  },
  "signature": "HMAC-SHA256:9c1e3f7a8b2d..."
}
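What a privacy officer can actually do with a hash-chained, HMAC-signed certificate record is verify it independently: every signature checks out and every certificate links to its predecessor, so an altered, forged, deleted or reordered record is detected at the first affected position. The following is an added example in Python, not EVE Core's code. The field names follow the certificate above, but the previous_hash chaining field, the genesis sentinel, the canonical-JSON signing input, the demo key and the status values other than MODIFIED are assumptions, since the page shows only a truncated signature and does not spell out the chaining format.

```python
"""Verify a hash-chained, HMAC-signed stream of decision certificates.

Added example, not EVE Core's code. The field names follow the certificate
shown on the page; the `previous_hash` chaining field, the genesis sentinel,
the canonical-JSON signing input and the demo key are assumptions.
"""
import hashlib
import hmac
import json
from typing import Any, Optional

SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"  # constructed for this example
GENESIS_HASH = "0" * 64  # assumed sentinel in the first certificate's previous_hash
SIG_PREFIX = "HMAC-SHA256:"


def canonical_bytes(cert: dict[str, Any]) -> bytes:
    """Serialize every field except the signature deterministically, so issuer and
    verifier hash identical bytes regardless of pretty-printing or key order."""
    body = {k: v for k, v in cert.items() if k != "signature"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def certificate_hash(cert: dict[str, Any]) -> str:
    return hashlib.sha256(canonical_bytes(cert)).hexdigest()


def issue(previous: Optional[dict[str, Any]], payload: dict[str, Any], key: bytes) -> dict[str, Any]:
    """Link the new certificate to its predecessor, then sign the linked body."""
    cert = {**payload,
            "previous_hash": certificate_hash(previous) if previous else GENESIS_HASH}
    mac = hmac.new(key, canonical_bytes(cert), hashlib.sha256).hexdigest()
    return {**cert, "signature": SIG_PREFIX + mac}


def verify_chain(certs: list[dict[str, Any]], key: bytes) -> tuple[bool, Optional[int]]:
    """Check every signature and every back-link in order.

    Returns (True, None) for an intact chain, otherwise (False, index) where
    index is the first certificate that is forged, altered or out of sequence.
    A deleted certificate shows up as a back-link mismatch on its successor.
    """
    expected_prev = GENESIS_HASH
    for i, cert in enumerate(certs):
        sig = cert.get("signature", "")
        if not sig.startswith(SIG_PREFIX):
            return False, i
        expected_mac = hmac.new(key, canonical_bytes(cert), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig[len(SIG_PREFIX):], expected_mac):
            return False, i  # body altered after signing, or signed with another key
        if cert.get("previous_hash") != expected_prev:
            return False, i  # predecessor altered, removed or reordered
        expected_prev = certificate_hash(cert)
    return True, None


def build_demo_chain(key: bytes = SIGNING_KEY) -> list[dict[str, Any]]:
    """Three constructed certificates; ids and timestamps are made up."""
    payloads = [
        {"certificate_id": "cert_demo_0001", "issued_at": "2026-05-05T09:14:22Z",
         "policy_set": "clinical_v1",
         "decision": {"status": "PASS", "action_type": "clinical_decision_support"}},
        {"certificate_id": "cert_demo_0002", "issued_at": "2026-05-05T09:15:01Z",
         "policy_set": "clinical_v1",
         "decision": {"status": "MODIFIED", "action_type": "clinical_decision_support",
                      "intervention_type": "certainty_calibration"}},
        {"certificate_id": "cert_demo_0003", "issued_at": "2026-05-05T09:15:40Z",
         "policy_set": "clinical_v1",
         "decision": {"status": "BLOCKED", "action_type": "patient_communication"}},
    ]
    chain: list[dict[str, Any]] = []
    for payload in payloads:
        chain.append(issue(chain[-1] if chain else None, payload, key))
    return chain


if __name__ == "__main__":
    chain = build_demo_chain()
    print("intact:", verify_chain(chain, SIGNING_KEY))
    altered = [dict(c) for c in chain]
    altered[1]["decision"] = {**altered[1]["decision"], "status": "PASS"}
    print("status rewritten on #2:", verify_chain(altered, SIGNING_KEY))
    print("#2 deleted:", verify_chain(chain[:1] + chain[2:], SIGNING_KEY))
```

Two points carry over to any real deployment: the verifier must hold the same key as the issuer (an HMAC proves integrity only to key holders, so independent third-party audit would need an asymmetric signature instead), and the serialization must be canonical, or a harmless re-indentation of stored JSON would look like tampering.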
CoreGuard integrates into existing clinical AI workflows without requiring changes to your EHR or model infrastructure.
CoreGuard ships pre-built integration connectors for Epic's App Orchard, Oracle Health (Cerner) SMART apps, and Meditech Expanse. CoreGuard runs in the SMART on FHIR authorization flow, evaluating clinical AI requests with patient context available for minimum-necessary enforcement.
For clinical decision support tools deployed as HL7 CDS Hooks services, CoreGuard inserts into the request-response flow between the EHR and the CDS service. The CDS suggestion is evaluated before it is returned to the EHR, ensuring clinicians never see an ungoverned clinical AI recommendation.
CoreGuard's healthcare policy pack is FHIR R4-aware. Minimum-necessary rules can reference FHIR resource types to enforce which patient data elements a given AI request is authorized to access. PHI detection understands FHIR data structures and can identify PHI that appears in unexpected fields.
For health systems with strict data residency requirements, CoreGuard is available as a private cloud or on-premises deployment. The evaluation engine runs within your existing infrastructure, PHI never transits to EVE Core infrastructure, and the BAA is scoped accordingly. Air-gapped clinical environments are supported.
When CoreGuard is deployed to evaluate AI decisions involving PHI, EVE Core enters into a Business Associate Agreement (BAA) with the covered entity. CoreGuard's evaluation pipeline is designed to minimize PHI exposure — the policy evaluation engine operates on structured request metadata where possible and applies PHI detection to flag unexpected PHI exposure in clinical AI outputs. Enterprise deployments support on-premises or private cloud configurations that keep PHI within the covered entity's own infrastructure, which limits EVE Core's BAA scope to configuration and support only.
CoreGuard's clinical policy pack includes a hallucination risk assessment layer that evaluates clinical AI outputs against a set of clinical safety rules before they are delivered to clinicians or patients. Rules check for anatomically implausible statements, drug dosage anomalies outside therapeutic ranges, contradictions between the output and structured patient data fields, and absolute certainty claims in diagnostic contexts. Flagged outputs are blocked and replaced with a safe fallback response, or modified to add required uncertainty qualifiers; the intervention is logged in the decision certificate with the specific rule that triggered.
CoreGuard integrates with EHR systems through its REST API, which can be called from any FHIR-capable integration layer. We provide pre-built integration connectors for Epic, Cerner (Oracle Health), and Meditech. For clinical decision support tools deployed as CDS Hooks services, CoreGuard can be inserted into the CDS Hooks request flow to govern the clinical AI response before it is returned to the EHR. SMART on FHIR authentication is supported for patient-context-aware policy evaluation, so CoreGuard has the clinical context it needs to enforce minimum-necessary PHI rules accurately.
For clinical AI systems that meet the definition of Software as a Medical Device (SaMD) under FDA guidance, CoreGuard's audit trail and enforcement documentation can support the software development lifecycle documentation required for FDA submissions. CoreGuard's decision certificates provide the runtime performance monitoring documentation that FDA guidance on AI/ML-based SaMD requires, documenting every decision the clinical AI made, the policy version that was active, and whether any safety rules were triggered. Our policy engineering team can work with your regulatory team to align policy pack design with your predicate device documentation.
Talk to our healthcare team about a CoreGuard deployment scoped to your specific clinical AI stack — EHR integration, CDS Hooks, prior authorization, or patient communication. We start with a 30-minute architecture review at no cost.